[AussieWog93]

I think the problem is that older SDK versions allowed you to do things like scan local WiFi names to get location data, without requiring the location permission.

So bad actors would just target lower SDK versions and ignore the privacy improvements

[john01dav]

The newer Android version could simply give empty data (for example, location is 0,0 latitude longitude, there are no visible WiFi networks), when the permission is missing and an app on the old SDK version requests it.

Of course, they don't like this because then apps can't easily refuse to work if not allowed to spy.

[jpollock]

That can have some very extreme legal ramifications.

Consider - it's a voip dialing client which has a requirement to provide location for E911 support.

If the OS vendor starts providing invalid data, it's the OS vendor which ends up being liable for the person's death.

e.g. https://www.cnet.com/home/internet/texas-sues-vonage-over-91...

which is from 2005, but gives you an idea of the liability involved.

[pocksuppet]

Phone companies are required to make sure 911 works on their phones. Random people on the internet aren't required to make sure 911 works on random apps, even if they look like phones.

[squeaky-clean]

The comment you're replying to literally has an example of an internet calling service being fined $20,000 for not properly directing 911 calls.

I guess Vonage should try to appeal the case and say pocksuppet said they're not required to do that.

[pocksuppet]

Vonage sells phone services that happen to use the internet. This is not the same as being WhatsApp.

[eviks]

It can't have "extreme ramifications", Google's own phone couldn't call 911 for a while.

And you can manually force only the voip dialing apps instead of everyone